This article covers the basics of encryption to give you an overview of how it is used in real-world use cases.
The core components used in encryption are:
Plaintext (It is not only text files but can include images, files and docs)
Algorithm (Blowfish, RC5, RC6, etc)
Key
Ciphertext (Protected data which can be transferred over insecure networks)
There are two types of encryption that are widely used:
Encryption at Rest.
Encryption in Transit.
How does Encryption at Rest work?
Data that needs to be encrypted is referred to as plaintext.
A secret key (any unique identifier known only to the concerned parties), which can be a password or another secret, is used to encrypt the data.
Using the key and an algorithm (let's assume we have chosen AES-256), a ciphertext is generated, which is encrypted and protected from intentional tampering.
To recover the original plaintext, the same key must be used to decrypt the ciphertext.
This is also a perfect example of how symmetric encryption works, which I will cover later in the article.
Example: If a laptop is encrypted, only the passcode set by the user can be used to decrypt the stored data. If a thief has set eyes on your laptop and succeeds in stealing it, all they are going to get is a whole lot of scrambled data.
Before we dive into how encryption in transit is used, there are two important concepts that I need to give an overview of:
Symmetric Encryption - The same key is used to encrypt and decrypt data.
Asymmetric Encryption - A private key and a public key are used to secure data over insecure networks.
You are not limited to using only one of the two.
In fact, in most places both are used together to secure the data transfer.
How does Encryption in Transit work?
We can use symmetric encryption in transit as well, but that raises the question of how the same secret key can be transferred to the recipient of the data.
If an attacker gets hold of the secret key, they can obtain the data that is being transferred. The key needs to be transferred securely in advance.
This is where asymmetric encryption shines. It works as follows:
For a clear explanation, let us consider communication between a client and a server.
The server generates a public key and a private key.
The server shares the public key with the client over the internet.
The client in turn uses the shared public key and an algorithm to encrypt the plaintext.
The ciphertext is then transferred to the server, and it can only be decrypted with the server's private key.
Even if an attacker gets hold of the public key, all they can do is encrypt data with it and nothing else, as only the server's private key can be used to decrypt the data.
Example: SSL/TLS uses a combination of symmetric and asymmetric encryption. Isn't that awesome?!
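The client/server steps above, combined with symmetric encryption, as an added example that is not part of the original article. It is a simplified hybrid scheme built on Node.js's built-in crypto module, not the TLS handshake itself; the function names, the RSA-OAEP and AES-256-GCM choices, and the sample message are assumptions made for illustration. AES-256-GCM is an authenticated mode, so a modified ciphertext is rejected on decryption.

```javascript
const { generateKeyPairSync, publicEncrypt, privateDecrypt, randomBytes,
        createCipheriv, createDecipheriv, constants } = require("node:crypto");

// RSA-OAEP padding options, shared by both sides (an assumption of this example).
const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Server: generate the key pair; only publicKey ever leaves the server.
function serverKeyPair() {
  return generateKeyPairSync("rsa", { modulusLength: 2048 });
}

// Client: encrypt the data with a fresh symmetric key (AES-256-GCM), then
// encrypt ("wrap") that key with the server's public key.
function clientEncrypt(publicKey, plaintext) {
  const aesKey = randomBytes(32);   // 256-bit one-time symmetric key
  const iv = randomBytes(12);       // fresh nonce for every message
  const cipher = createCipheriv("aes-256-gcm", aesKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return {
    wrappedKey: publicEncrypt({ key: publicKey, ...OAEP }, aesKey),
    iv, ciphertext, tag: cipher.getAuthTag(),
  };
}

// Server: unwrap the AES key with the private key, then decrypt.
// decipher.final() throws if the ciphertext or tag was changed in transit.
function serverDecrypt(privateKey, msg) {
  const aesKey = privateDecrypt({ key: privateKey, ...OAEP }, msg.wrappedKey);
  const decipher = createDecipheriv("aes-256-gcm", aesKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString("utf8");
}

// Constructed sample exchange: one clean delivery, one with a flipped bit.
function demo() {
  const server = serverKeyPair();
  const msg = clientEncrypt(server.publicKey, "hello server (constructed sample)");
  const received = serverDecrypt(server.privateKey, msg);

  const tampered = { ...msg, ciphertext: Buffer.from(msg.ciphertext) };
  tampered.ciphertext[0] ^= 0x01;   // single bit changed in transit
  let tamperDetected = false;
  try { serverDecrypt(server.privateKey, tampered); } catch { tamperDetected = true; }
  return { received, tamperDetected };
}

console.log(demo());
```

Only the small AES key goes through the slow asymmetric operation; the data itself is encrypted symmetrically, which is why the two are combined in practice.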
That is all I wanted to cover in this article. Stay tuned for more.